[openssl-dev] How to do reneg with client certs in 1.1.0 API
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Feb 8 14:36:40 UTC 2016
> On Feb 8, 2016, at 9:26 AM, Matt Caswell <matt at openssl.org> wrote:
>
> SSL_renegotiate(ssl);
> SSL_do_handshake(ssl);
> do {
> read_some_app_data();
> if(no_client_cert_yet()) {
> discard_app_data();
> }
> } while(no_client_cert_yet());
At what point in the handshake would a query for client
certificates show their presence? Is it always strictly
after the new "finished" message? An additional check for
the completion of the handshake may be appropriate.
--
--
Viktor.
More information about the openssl-dev
mailing list